Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-12100

Delete button on component and asset is active even without permission to do so

    XMLWordPrintable

    Details

      Description

      On a component or asset page in a Maven repository, the "Delete" button is enable even if I have only "nx-repository-view-maven2-myrepo-browse" privilege.

      Clicking the button and confirming the deletion leads to a org.apache.shiro.authz.AuthorizationException, but ideally the button should be disabled to make permissions checks easier.

      Acceptance

      • Make the error message user friendly.
        • (The permissions might have changed since the control rendered.)
      • Drive the button's state depending on the permissions.
        • Since 'delete (single) component' is atomic, we should enable the button only if the transaction will go through.
        • Ensure there's a tool tip to explain why it's disabled.

        Attachments

          Activity

            People

            • Assignee:
              mmartz Michael Martz
              Reporter:
              glucazeau Guillaume Lucazeau
              Last Updated By:
              Michael Martz
              Team:
              NXRM - Tron
            • Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Date of First Response: